# Signed Values

Signed values are a specialized field type that enables machine steps to generate tamper-proof variables that are valid only for the user who requested them. They are particularly useful in scenarios where it is critical to trust values sent from the client, as they allow one machine step to verify that it is receiving an unmodified output from another machine step within the same application.&#x20;

{% hint style="warning" %}
Currently, **signed values** are supported only in database connectors such as IFS 10, Oracle, and SQL Server
{% endhint %}

### Example Scenario

Let’s consider an example to illustrate where signed values can be used. As described in [this section](/flow-connect/working-with-connect/connect-to-systems/connectors/ifs-applications-10.md#run-as-flow-user), ***Run As Flow User*** is a commonly used feature that allows IFS 10 machine steps to be executed using the currently logged-in Flow user by default.

In Flow Connect, the `:FlowUser__email` flow variable represents the logged-in Flow user and always contains the user’s email address. An important point to note is that `:FlowUser__email` is, by default, a signed value, meaning it can be trusted to be tamper-proof.

To mimic the ***Run As Flow User*** functionality in Flow Connect you can run a simple query at the start of each application to retrieve the corresponding IFS User ID for the currently logged-in Flow user. This query result will produce `:ifsUserId` which will be used in all subsequent machine steps as the Run As User value.

<figure><img src="/files/sgW3WZKjVD5Cb3IJ7hKQ" alt=""><figcaption></figcaption></figure>

You can use `:ifsUserId` to fetch additional user details such as company, default site, employee ID, and similar attributes. These values are then passed to subsequent machine steps to retrieve further data that is both sensitive and user-specific. For example, financial transactions, personal information, or time and attendance (clocking) details.

<figure><img src="/files/vUBMROIEFxJZ1cAnn4iL" alt=""><figcaption></figcaption></figure>

In a scenario like this, it is critical to ensure that `:ifsUserId` is tamper-proof, since subsequent machine steps rely on this value being both safe and accurate. To address this, we revisit our initial example where `:ifsUserId` is retrieved and apply a small modification, as shown in the picture. By marking `:ifsUserId` as a **signed value**, we ensure that it cannot be altered and can be safely trusted throughout the remaining machine steps. By doing so, we can prevent accidental exposure or unauthorized access to user-specific and sensitive data.

<figure><img src="/files/UzM9puv1u7kGfX0u2qII" alt=""><figcaption></figcaption></figure>

{% hint style="danger" %}
Signed values are supported only for **Single Value** and **Single Record** call types. **Multiple Records** and **Script** call types that use iterators are not supported.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.novacura.com/flow-connect/working-with-connect/connect-to-systems/signed-values.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.